Canadian organizations sustained 141 ransomware attacks last year
by CM Staff
Manufacturing was the most targeted Canadian industry vertical by ransomware gangs, accounting for nearly 20 per cent of all attacks.
TORONTO — Canadian organizations sustained at least 141 ransomware attacks in 2021, according to Palo Alto Networks’ Ransomware Threat Report for 2022.
The cybersecurity technology company says its unit 42 threat intelligence team analyzed ransomware leak site data. They found that more than 56 ransomware groups leveraged multi-extortion techniques.
In the multi-extortion method of attack, the assailants encrypt the files of an organization but also name and shame the victims and/or threaten to launch additional attacks to encourage victims to pay.
Palo Alto found that cybercriminals publicly posted a total of 2,566 names and proof of compromise on ransomware leak sites, marking an 85 per cent increase compared to 2020.
Of the victims identified in Palo Alto’s recent study, 1,217 came from the United States. Another 133 from the United Kingdom, 132 from France. Italy and Germany each represented 100 publicly listed names and proof of compromise on the ransomware leak sites.
Unit 42 has followed the “once-prolific” cyber extortion group called Conti since 2020. Their research found that Conti was responsible for 27.7 per cent of the leak site activity, representing its most aggressive year yet. LockBit 2.0 came in second at 14.2 per cent.
“Ransomware gangs have become more emboldened with their attacks in Canada and around the world, targeting businesses of all shapes and sizes,” said Ivan Orsanic, regional vice president and Canada country manager at Palo Alto Networks in a statement.
“It’s not a matter of ‘if’, but when organizations will be targeted. Being prepared and having the right security strategy, policy, and technologies in place is critical to combatting the latest threats.”
Organizations in Ontario and Quebec saw the greatest amount of activity on leak sites in 2021, with 52 and 45 victims, respectively, followed by British Columbia with 24 and Alberta with 10.
Unit 42 researchers reported that 27 different ransomware groups posted details on victims in Ontario, the most of any province, followed by Quebec with 12. They did not see any leak sites posting breaches of organizations in Nova Scotia, Prince Edward Island, Yukon, Northwest Territories and Nunavut recorded in 2021.
Manufacturing was the most targeted Canadian industry vertical by ransomware gangs, accounting for nearly 20 per cent of all attacks, followed by professional and legal services at just under 20 per cent. Wholesale and retail as well as construction each accounted for 9.3 per cent.
